1 // SPDX-License-Identifier: GPL-2.0
3 * linux/kernel/futex_compat.c
5 * Futex compatibililty routines.
7 * Copyright 2006, Red Hat, Inc., Ingo Molnar
10 #include <linux/linkage.h>
11 #include <linux/compat.h>
12 #include <linux/nsproxy.h>
13 #include <linux/futex.h>
14 #include <linux/ptrace.h>
15 #include <linux/syscalls.h>
17 #include <linux/uaccess.h>
21 * Fetch a robust-list pointer. Bit 0 signals PI futexes:
24 fetch_robust_entry(compat_uptr_t
*uentry
, struct robust_list __user
**entry
,
25 compat_uptr_t __user
*head
, unsigned int *pi
)
27 if (get_user(*uentry
, head
))
30 *entry
= compat_ptr((*uentry
) & ~1);
31 *pi
= (unsigned int)(*uentry
) & 1;
36 static void __user
*futex_uaddr(struct robust_list __user
*entry
,
37 compat_long_t futex_offset
)
39 compat_uptr_t base
= ptr_to_compat(entry
);
40 void __user
*uaddr
= compat_ptr(base
+ futex_offset
);
46 * Walk curr->robust_list (very carefully, it's a userspace list!)
47 * and mark any locks found there dead, and notify any waiters.
49 * We silently return on any sign of list-walking problem.
51 void compat_exit_robust_list(struct task_struct
*curr
)
53 struct compat_robust_list_head __user
*head
= curr
->compat_robust_list
;
54 struct robust_list __user
*entry
, *next_entry
, *pending
;
55 unsigned int limit
= ROBUST_LIST_LIMIT
, pi
, pip
;
56 unsigned int uninitialized_var(next_pi
);
57 compat_uptr_t uentry
, next_uentry
, upending
;
58 compat_long_t futex_offset
;
61 if (!futex_cmpxchg_enabled
)
65 * Fetch the list head (which was registered earlier, via
66 * sys_set_robust_list()):
68 if (fetch_robust_entry(&uentry
, &entry
, &head
->list
.next
, &pi
))
71 * Fetch the relative futex offset:
73 if (get_user(futex_offset
, &head
->futex_offset
))
76 * Fetch any possibly pending lock-add first, and handle it
79 if (fetch_robust_entry(&upending
, &pending
,
80 &head
->list_op_pending
, &pip
))
83 next_entry
= NULL
; /* avoid warning with gcc */
84 while (entry
!= (struct robust_list __user
*) &head
->list
) {
86 * Fetch the next entry in the list before calling
89 rc
= fetch_robust_entry(&next_uentry
, &next_entry
,
90 (compat_uptr_t __user
*)&entry
->next
, &next_pi
);
92 * A pending lock might already be on the list, so
93 * dont process it twice:
95 if (entry
!= pending
) {
96 void __user
*uaddr
= futex_uaddr(entry
, futex_offset
);
98 if (handle_futex_death(uaddr
, curr
, pi
))
103 uentry
= next_uentry
;
107 * Avoid excessively long or circular lists:
115 void __user
*uaddr
= futex_uaddr(pending
, futex_offset
);
117 handle_futex_death(uaddr
, curr
, pip
);
121 COMPAT_SYSCALL_DEFINE2(set_robust_list
,
122 struct compat_robust_list_head __user
*, head
,
125 if (!futex_cmpxchg_enabled
)
128 if (unlikely(len
!= sizeof(*head
)))
131 current
->compat_robust_list
= head
;
136 COMPAT_SYSCALL_DEFINE3(get_robust_list
, int, pid
,
137 compat_uptr_t __user
*, head_ptr
,
138 compat_size_t __user
*, len_ptr
)
140 struct compat_robust_list_head __user
*head
;
142 struct task_struct
*p
;
144 if (!futex_cmpxchg_enabled
)
153 p
= find_task_by_vpid(pid
);
159 if (!ptrace_may_access(p
, PTRACE_MODE_READ_REALCREDS
))
162 head
= p
->compat_robust_list
;
165 if (put_user(sizeof(*head
), len_ptr
))
167 return put_user(ptr_to_compat(head
), head_ptr
);
175 COMPAT_SYSCALL_DEFINE6(futex
, u32 __user
*, uaddr
, int, op
, u32
, val
,
176 struct old_timespec32 __user
*, utime
, u32 __user
*, uaddr2
,
180 ktime_t t
, *tp
= NULL
;
182 int cmd
= op
& FUTEX_CMD_MASK
;
184 if (utime
&& (cmd
== FUTEX_WAIT
|| cmd
== FUTEX_LOCK_PI
||
185 cmd
== FUTEX_WAIT_BITSET
||
186 cmd
== FUTEX_WAIT_REQUEUE_PI
)) {
187 if (compat_get_timespec(&ts
, utime
))
189 if (!timespec_valid(&ts
))
192 t
= timespec_to_ktime(ts
);
193 if (cmd
== FUTEX_WAIT
)
194 t
= ktime_add_safe(ktime_get(), t
);
197 if (cmd
== FUTEX_REQUEUE
|| cmd
== FUTEX_CMP_REQUEUE
||
198 cmd
== FUTEX_CMP_REQUEUE_PI
|| cmd
== FUTEX_WAKE_OP
)
199 val2
= (int) (unsigned long) utime
;
201 return do_futex(uaddr
, op
, val
, tp
, uaddr2
, val2
, val3
);